Security Operations Analyst II

VF Corporation

Security Operations Center (SOC) Analyst II

Now that you’ve found the job description, what’s next?

At VF, we strive to foster a culture of belonging based on respect, connection, openness, and authenticity.  As a purpose-led, performance-driven company, we are committed to inclusion, diversity, equity, and action. So, before we get to the job details, take a minute to learn a little more about us – our values and our culture – visit VF Careers or www.vfc.com.

What will you do?

A day in the life of a Security Operations Center (SOC) Analyst II at VF looks a little like this.

As technology continues to advance, so does the threat landscape. Attackers are now using more sophisticated tactics to evade security controls. As a result, VF must also continue to advance its capabilities in threat detection and monitoring systems.

The SOC Tier II Analyst is responsible for monitoring, analysis, response, and escalation of security incidents and events. The Security Operations Center is the first line of detection and defense: it actively monitors the SIEM (Security Information & Event Management), reviews log and event data, and works tickets associated with that data. The analyst provides research using internal and open-source tools, and resolves and escalates incidents using established policies and procedures.

Let’s break down that day-in-the-life a bit more.

Monitoring and Analysis:

  • Monitor and analyze logs, alerts, and external data sources to determine any security and/or operational impact on the organization.
  • Monitor the SIEM environment for the global organization, providing resolution to events and incidents triggered within the SIEM tool as part of day-to-day operations.
  • Address security events, analyze data, and provide recommended actions or escalate to incident analysts for further review.

Research and Threat Intelligence:

  • Conduct research on security events and threat intelligence using internal and open-source tools.
  • Perform proactive threat research and validation of security event data.
  • Engage in threat hunting activities to proactively identify potential threats and vulnerabilities within the network.

Incident Response:

  • Serve as an escalation point for Tier I SOC Analysts; resolve or escalate cybersecurity incidents according to established policies and procedures.
  • Collaborate with technical teams to identify, investigate, resolve, and mitigate security events as part of the Incident Response Plan.
  • Participate in incident post-mortem analysis to identify root causes and recommend improvements to prevent future incidents.

Threat Detection:

  • Ensure critical infrastructure reports into the SIEM and work with appropriate teams to remediate identified deficiencies.
  • Create reference sets within the SIEM tool to support Tier 1 SOC Analysts in threat research.
  • Evaluate unwarranted changes within the environment as part of monitoring rules within the SIEM tool.
  • Enhance detections, alerts, and other cyber event correlation rules within the SIEM to reduce false positives.

Documentation and Reporting:

  • Perform documentation of event analysis and record this data within our Incident Tracking tool, ensuring all relevant data is captured within each incident.
  • Approve various security requests originated by the Tier I SOC Analysts.

Training and Development:

  • Train new SOC Tier I Analysts on security tools and SOC procedures.
  • Represent the Security Operations team in various SOC, Incident Response, and Cyber Security projects.
  • Work on optimizing and fine-tuning security tools and systems to improve detection and response capabilities.

What do you need to succeed?

We all have unique skills that we bring to work and celebrate every day. For this role, there are foundation skills you’ll need to succeed and excel. Additionally, while formal education in a related field is great to have, we are most interested in your 3+ years of experience and professional achievements.

The foundation skills you will need in this position are:

  • Experience executing security incident handling and investigation processes and procedures.
  • Familiarity with modern EDR/XDR tools. Experience with CrowdStrike Falcon is considered a plus.
  • Proficiency in digital forensics and incident response (DFIR) methodologies and execution across common enterprise operating systems.
  • Understanding of cybersecurity frameworks (NIST CSF, MITRE ATT&CK and D3FEND, Lockheed Martin kill chain, etc.) and their respective applications in a corporate cybersecurity environment.
  • Working knowledge of networking fundamentals (including network forensics, the OSI Model, TCP/IP, DNS (Domain Name System), HTTP, SMTP), System Administration and/or Architecture.
  • Proficient understanding of various operating systems and their architectures: Windows, Unix/Linux and OSX.
  • Exposure to cloud computing environments with a focus on triaging cloud-based security incidents within AWS, Microsoft Azure, and Ali Cloud. 
  • Previous experience operating and tuning SIEM tools; Microsoft Sentinel experience preferred.
  • Effective communication skills with the ability to work in a collaborative environment across many disciplines.
  • Strong relationship skills and collaborative style to enable success across multiple business partners with a focus on building partnerships.
  • Excellent analytical, communication, and problem-solving skills.
  • Scripting capabilities in PowerShell and Python are considered a plus.
  • Previous experience working in a tiered SOC model.

There are also a few skills that are not required but preferred.

  • Professional security management certifications, such as Global Information Assurance Certification (GIAC) certifications (GCIA, GCIH, GCFA, GCFE) or other similar credentials, are a plus.

What do we offer you?

At VF, we know you expect as much from us as we do from you. That is why we make a commitment to support and grow our people. We offer extensive development and growth opportunities for your current and future positions, a competitive compensation package, and a strong benefits package that includes medical, dental, vision, and 401(k).

Our commitment extends beyond this and into your daily work life. We strive to foster a diverse and inclusive culture based on respect, connection, and authenticity. Our focus on DEI is at the foundation of who we are and what we do.

To learn more about VF’s benefits package, go to MyVFBenefits.com and click “Looking to Join VF”.

To learn more about VF’s Diversity and Inclusion efforts, go to www.vfc.com.

Now WE have a question for YOU.

Are you in?

Hiring Range:

$84,000.00 USD – $105,000.00 USD annually

Incentive Potential: This position is eligible for additional compensation awards that may include an annual incentive plan, sales incentive, or commission potential. Specific details of the additional compensation eligibility for this position will be provided during the recruiting and interview process.

Benefits at VF Corporation: You can review a general overview of each benefit program offered, including this year’s medical plan rates, on www.MyVFbenefits.com by clicking “Looking to Join VF?” Detailed information on your benefits will be provided during the hiring process.

Please note, our hiring ranges are determined and built from market pay data. In determining the specific compensation for this position, we comply with all local, state, and federal laws.

At VF, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws.  If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at [email protected]. VF will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Pursuant to all applicable local Fair Chance Ordinance requirements, including but not limited to the San Francisco Fair Chance Ordinance, VF will consider for employment qualified applicants with arrest and conviction records.
